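Техническая информация
(Примечание: символы «#» в именах доменов заменяют часть адреса — так в исходном описании. Подзаголовки разделов в этой копии, по-видимому, утрачены, поэтому одни и те же пути и узлы встречаются в списке несколько раз.)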
- %ALLUSERSPROFILE%\Desktop\forqd340.exe
- "%TEMP%\PPTV(pplive)_forqd340.exe" (загружен из сети Интернет)
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.ww##21.com
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.81##0.info/tg14.html
- %PROGRAM_FILES%\Internet Explorer\IEXPLORE.EXE http://www.ba###ao.info
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\0D6B6PI5\banshao[1]
- %TEMP%\PPTV(pplive)_forqd340.exe
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\SL6TKFAX\tg14[1].html
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\ULU3YH2D\ww2221[1]
- %HOMEPATH%\Local Settings\Temporary Internet Files\Content.IE5\69I9OPW5\PPTV(pplive)_forqd340[1].exe
- %ALLUSERSPROFILE%\Desktop\forqd340.exe
- %TEMP%\aut1.tmp
- %APPDATA%\Tencent\AXSEF\AXSEF.exe
- %TEMP%\aut2.tmp
- %TEMP%\aut2.tmp
- %TEMP%\aut1.tmp
- 'www.ba###ao.info':80
- 'do####ad.pplive.com':80
- 'www.81##0.info':80
- 'www.ww##21.com':80
- 'localhost':1036
- 'localhost':1035
- 'localhost':1038
- 'localhost':1037
- www.ww##21.com/
- www.81##0.info/tg14.html
- do####ad.pplive.com/PPTV(pplive)_forqd340.exe
- www.ba###ao.info/
- DNS ASK www.ww##21.com
- DNS ASK www.81##0.info
- DNS ASK do####ad.pplive.com
- DNS ASK www.ba###ao.info
- ClassName: 'MS_AutodialMonitor' WindowName: ''
- ClassName: 'MS_WebcheckMonitor' WindowName: ''
- ClassName: '' WindowName: ''
- ClassName: 'Shell_TrayWnd' WindowName: ''